Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftWindows 7

438 matches found

CVE
CVEadded 2017/04/12 2:59 p.m.3618 views

CVE-2017-0199

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code...

9.3CVSS8.3AI score0.94366EPSS
CVE
CVEadded 2021/07/02 10:15 p.m.2467 views

CVE-2021-34527

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or...

9CVSS9AI score0.94349EPSS
CVE
CVEadded 2022/06/01 8:15 p.m.2070 views

CVE-2022-30190

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, vi...

9.3CVSS8.5AI score0.93412EPSS
CVE
CVEadded 2021/06/08 11:15 p.m.2028 views

CVE-2021-1675

Windows Print Spooler Remote Code Execution Vulnerability

9.3CVSS8.8AI score0.94349EPSS
CVE
CVEadded 2010/07/22 10:0 a.m.1617 views

CVE-2010-2568

Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explor...

9.3CVSS7.7AI score0.93296EPSS
CVE
CVEadded 2014/05/14 11:13 a.m.1341 views

CVE-2014-1812

The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential i...

9CVSS8.6AI score0.77741EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.1329 views

CVE-2017-8464

Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file,...

9.3CVSS7.2AI score0.93709EPSS
CVE
CVEadded 2014/11/11 10:55 p.m.1222 views

CVE-2014-6332

OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstra...

9.3CVSS8.8AI score0.94069EPSS
CVE
CVEadded 2021/06/08 11:15 p.m.1162 views

CVE-2021-31956

Windows NTFS Elevation of Privilege Vulnerability

9.3CVSS8.5AI score0.85551EPSS
CVE
CVEadded 2021/07/16 9:15 p.m.1134 views

CVE-2021-34448

Scripting Engine Memory Corruption Vulnerability

9.3CVSS7.4AI score0.02062EPSS
CVE
CVEadded 2012/04/10 9:55 p.m.1057 views

CVE-2012-0151

The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE...

9.3CVSS5.8AI score0.88546EPSS
CVE
CVEadded 2019/05/16 7:29 p.m.1017 views

CVE-2019-0903

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

9.3CVSS8AI score0.50678EPSS
CVE
CVEadded 2014/10/22 2:55 p.m.1004 views

CVE-2014-6352

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted Pow...

9.3CVSS7.6AI score0.90891EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.995 views

CVE-2016-0185

Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability."

9.3CVSS7.9AI score0.82752EPSS
CVE
CVEadded 2016/11/10 7:0 a.m.990 views

CVE-2016-7256

atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS8.8AI score0.50761EPSS
CVE
CVEadded 2014/10/15 10:55 a.m.945 views

CVE-2014-4114

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sand...

9.3CVSS9.5AI score0.92026EPSS
CVE
CVEadded 2014/11/18 11:59 p.m.936 views

CVE-2014-6324

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a...

9CVSS5.9AI score0.87205EPSS
CVE
CVEadded 2014/10/15 10:55 a.m.913 views

CVE-2014-4148

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted True...

9.3CVSS7.9AI score0.34773EPSS
CVE
CVEadded 2015/01/13 10:59 p.m.902 views

CVE-2015-0016

Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted path...

9.3CVSS6.8AI score0.91334EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.897 views

CVE-2016-3393

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted web site, ...

9.3CVSS7.8AI score0.29859EPSS
CVE
CVEadded 2015/07/20 6:59 p.m.896 views

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS7.4AI score0.91723EPSS
CVE
CVEadded 2014/11/11 10:55 p.m.858 views

CVE-2014-4077

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanes...

9.3CVSS8.4AI score0.2956EPSS
CVE
CVEadded 2022/05/10 9:15 p.m.583 views

CVE-2022-29130

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.06808EPSS
CVE
CVEadded 2022/05/10 9:15 p.m.406 views

CVE-2022-22012

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.07142EPSS
CVE
CVEadded 2019/10/10 2:15 p.m.357 views

CVE-2019-1365

An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the context of NT AUTHORITY\sy...

9.9CVSS9.3AI score0.02534EPSS
CVE
CVEadded 2021/07/16 9:15 p.m.325 views

CVE-2021-34481

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or...

9.8CVSS8.6AI score0.30378EPSS
CVE
CVEadded 2011/11/08 9:55 p.m.311 views

CVE-2011-2016

Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a direc...

9.3CVSS6.4AI score0.12119EPSS
CVE
CVEadded 2022/08/09 8:15 p.m.308 views

CVE-2022-30133

Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.09001EPSS
CVE
CVEadded 2012/03/13 9:55 p.m.303 views

CVE-2012-0002

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which allows remote attackers to execute arbitrary code ...

9.3CVSS9.5AI score0.87223EPSS
CVE
CVEadded 2022/09/13 7:15 p.m.281 views

CVE-2022-34721

Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.18666EPSS
CVE
CVEadded 2022/05/10 9:15 p.m.264 views

CVE-2022-21972

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

9.3CVSS9AI score0.56635EPSS
CVE
CVEadded 2021/08/12 6:15 p.m.257 views

CVE-2021-26424

Windows TCP/IP Remote Code Execution Vulnerability

9.9CVSS8.8AI score0.09829EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.236 views

CVE-2020-1013

<p>An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.</p><p>To exploit this vulnerabili...

9.3CVSS8.1AI score0.15904EPSS
CVE
CVEadded 2020/06/09 8:15 p.m.224 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS8.4AI score0.32912EPSS
CVE
CVEadded 2019/03/06 12:0 a.m.222 views

CVE-2019-0633

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630.

9CVSS9.3AI score0.33738EPSS
CVE
CVEadded 2021/08/12 6:15 p.m.221 views

CVE-2021-36936

Windows Print Spooler Remote Code Execution Vulnerability

9.8CVSS9AI score0.03552EPSS
CVE
CVEadded 2021/12/15 3:15 p.m.221 views

CVE-2021-43217

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability

9.8CVSS9.1AI score0.25196EPSS
CVE
CVEadded 2021/05/11 7:15 p.m.215 views

CVE-2021-28476

Windows Hyper-V Remote Code Execution Vulnerability

9.9CVSS9.7AI score0.63205EPSS
CVE
CVEadded 2022/04/15 7:15 p.m.208 views

CVE-2022-26903

Windows Graphics Component Remote Code Execution Vulnerability

9.3CVSS8.8AI score0.01609EPSS
CVE
CVEadded 2022/04/15 7:15 p.m.205 views

CVE-2022-24541

Windows Server Service Remote Code Execution Vulnerability

9.3CVSS9.4AI score0.07634EPSS
CVE
CVEadded 2022/06/15 10:15 p.m.204 views

CVE-2022-30141

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.3CVSS8.5AI score0.09953EPSS
CVE
CVEadded 2023/01/10 10:15 p.m.201 views

CVE-2023-21557

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

9.1CVSS7.5AI score0.00554EPSS
CVE
CVEadded 2021/08/12 6:15 p.m.200 views

CVE-2021-36958

<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or...

9.3CVSS8.5AI score0.04045EPSS
CVE
CVEadded 2022/04/15 7:15 p.m.192 views

CVE-2022-26919

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.3CVSS9AI score0.04136EPSS
CVE
CVEadded 2022/09/13 7:15 p.m.190 views

CVE-2022-34718

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.84756EPSS
CVE
CVEadded 2019/03/06 12:0 a.m.189 views

CVE-2019-0630

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633.

9CVSS9.3AI score0.33738EPSS
CVE
CVEadded 2022/05/10 9:15 p.m.188 views

CVE-2022-29129

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9CVSS9.4AI score0.13617EPSS
CVE
CVEadded 2011/04/13 6:55 p.m.185 views

CVE-2011-0657

DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote attackers to execute arbitrary code via (1) a cr...

9.8CVSS7.6AI score0.49697EPSS
CVE
CVEadded 2022/01/11 9:15 p.m.185 views

CVE-2022-21857

Active Directory Domain Services Elevation of Privilege Vulnerability

9CVSS9.1AI score0.02533EPSS
CVE
CVEadded 2019/01/08 9:29 p.m.184 views

CVE-2019-0584

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...

9.3CVSS8AI score0.35437EPSS
Total number of security vulnerabilities438